capstone icon indicating copy to clipboard operation
capstone copied to clipboard
verified publisher icon capstone-engine

[PPC] `mtocrf`, `mfocrf` misses `fxm` immediate

Open Rot127 opened this issue 3 years ago • 1 comments

Brief

The PPC instruction mtocrf should have two operands: register RS and immediate fxm. But Capstone only decodes the register.

Reproduce

> ./cstool -d ppc64be 7c120120
 0  7c 12 01 20  mtocrf	0x20, r0
	ID: 796 (mtocrf)

# missing immediate: 0x20

	op_count: 1
		operands[0].type: REG = r0

Additional info

> git log -i -n 1
commit 0494e94bab2faac6f5356a43bcbc00c0eae42639 (HEAD -> next, origin/next)
Merge: eea28905 16937b1d
...
Date:   Sat Jul 23 23:53:08 2022 +0800

> ./cstool -v
cstool for Capstone Disassembler, v5.0.0

Rot127 avatar Jul 24 '22 12:07 Rot127

Same applies for mfocrf

./cstool -d ppc64 2680707d
 0  26 80 70 7d  mfocrf	r11, 8
	ID: 718 (mfocrf)
	op_count: 1
		operands[0].type: REG = r11

Rot127 avatar Jul 30 '22 13:07 Rot127

This is fixed in v6:

> ./cstool -d ppc64be 7c120120
 0  7c 12 01 20  mtocrf	0x20, r0
	ID: 608 (mtocrf)
	op_count: 2
		operands[0].type: REG = cr2
		operands[0].access: WRITE
		operands[1].type: REG = r0
		operands[1].access: READ

> ./cstool -d ppc64 2680707d
 0  26 80 70 7d  mfocrf	r11, 8
	ID: 583 (mfocrf)
	op_count: 2
		operands[0].type: REG = r11
		operands[0].access: WRITE
		operands[1].type: REG = cr4
		operands[1].access: READ

Rot127 avatar Jan 14 '24 12:01 Rot127